San Francisco, Apr 16, 2015 – Security specialist RiskIQ says the growth
in digital business is producing an increasing threat to banks across
the world, as they seek new ways to connect with customers. Its latest
research shows that a selection of 35 top banks have more than 260,000
assets exposed to external risk.

With the growth in social media, websites, and mobile apps, banks are increasingly turning to new ways of providing services. But with the largest banks owning an average of 7,500 public facing digital assets, the RiskIQ research found that 60% sat outside the company firewall.

Banks facing increased risk from hackers as their digital footprint grows. In addition, they are relying heavily on external third-party code to power tracking, analytics, serving company ads and supporting re-targeting. This third party code provides an additional attack vector that can be exploited by malicious actors.

RiskIQ also discovered 1,777 mobile applications, or an average of 51 per bank. Of these, only 5% of mobile applications were found in the official app stores (Googleplay, Apple, etc), whilst 95% were hosted on secondary, tertiary, affiliate or foreign app stores.

Elias Manousos, CEO of RiskIQ, said: “The two trends of externally hosted digital assets and the use of third party components highlights the changing security landscape that banks and other organisations are dealing with. As digital assets move outside of the corporate firewall, traditional security approaches become ineffective and the potential attack surface for the adversary grows. Today, effective defence begins with a full understanding of your digital footprint. At RiskIQ we help many of the world’s top banks identify and defend their digital presence.”

Summary of Findings

The results were gathered by the RiskIQ platform, which continuously monitors websites and mobile application stores using web scale virtual user technology to detect suspect applications, application tampering and brand impersonation. For this survey, RiskIQ inspected the web and mobile assets of 35 top banks, finding:

· 94% were incorporating code from one or more third-party analytics/tracking services

· 70% were running their own digital ads using third-party ad serving technology and dropping 3rd party beacons

· 94% were incorporating code from one or more third-party JavaScript libraries

(Source - RiskIQ Press Release)

The CCR World App

Read CCR World as an App on your iPad or iPhone.
Simply click on this link
(opens iTunes as an external link) to see the CCR World iTunes
Preview and download to receive a free two-week trial or go to iTunes or the App Store and search for
"CCR World".

CCR Magazine

Want to know more about the UK credit scene? Then take a look at our sister magazine, CCR, the leading UK publication for senior credit industry executives.